mirrors/redoctober
1
0
Fork 0
mirror of https://github.com/cloudflare/redoctober.git synced 2026-01-08 07:11:48 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
194 Commits 12 Branches 0 Tags
07b99b15f39486b9ce8dc4145d433f16aae0dabe
Commit Graph

194 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Brendan McMillion
07b99b15f3 Update comments. 2015-11-20 10:22:59 -08:00
Brendan McMillion
61540eca4e Bug fixes from code audit. 
- Catch ignored error.
- Make sure that key data exists in the EncryptedData object as well as in the key cache.
 2015-11-13 16:21:30 -08:00
Brendan McMillion
362e20533a Respond to PR requests. 
- Type String renamed Name.
- Panic if an invalid modulus size is chosen rather.
- Name the interface arguments for the UserDatabase.
 2015-11-12 09:12:22 -08:00
Brendan McMillion
2422b2920d Update owners API and README with predicates. 2015-11-11 15:23:14 -08:00
Brendan McMillion
68e5403a7b Add predicate section to UI. 2015-11-11 15:22:57 -08:00
Brendan McMillion
d93709973e Track delegates when decrypting with shares. 2015-11-11 15:22:33 -08:00
Brendan McMillion
701b938562 Import bug fixes from MSP. 2015-11-11 15:22:12 -08:00
Brendan McMillion
4c161e343c Write better error messages. 2015-11-11 15:22:00 -08:00
Brendan McMillion
9e514e902a Shorten key by 2 bits. 2015-11-11 15:21:49 -08:00
Brendan McMillion
e652300f43 Vendored in Bren2010/MSP 2015-11-11 15:20:46 -08:00
Brendan Mc
becabb40e9 Integration with Bren2010/MSP 2015-11-11 15:20:17 -08:00
Kyle Isom
c0932d9cb5 Merge pull request #102 from ejcx/multiDel 
Multiple delegations to redoctober
 2015-11-11 08:28:35 -08:00
ejcx
c9a381d5c2 Multiple delegations to redoctober 
The idea is to create a new type (to avoid ugly string parsing) and
then, instead of iterating through delegations with the username, iterate
through the delegations and look for your username and matching slot. Also
in cases we don't have the slot (everything but delegation), find the slot
when we match a user.
 2015-11-11 08:26:26 -08:00
Kyle Isom
c08ad05776 Merge pull request #93 from j-delaney/api-testing 
Allow testing the API itself
 2015-11-03 13:57:49 -08:00
J Delaney
e4612a6e40 Test API response format and messages 2015-11-03 13:36:25 -08:00
jkroll-cf
9f7d323706 Merge pull request #101 from cloudflare/jkroll/add-sni 
Add a NameToCertificate map.
 2015-11-02 16:53:37 -08:00
Joshua Kroll
bdd83dee7c Add a NameToCertificate map. 
This enables SNI. Also fix bad session tickets issue from before.
 2015-11-02 16:14:05 -08:00
jkroll-cf
f3d13da29b Merge pull request #100 from cloudflare/jkroll/listen-tls-socket-activated 
Wrap systemd-provided sockets in a TLS listener.
 2015-11-02 15:45:14 -08:00
Joshua Kroll
90ff2ceae2 Improve RO TLS config. 2015-11-02 15:06:17 -08:00
Joshua Kroll
fe973169fa Wrap systemd-provided sockets in a TLS listener. 
This fixes a bug introduced by the new socket activation/systemd-brokered listening whereby Red October speaks HTTP rather than HTTPS over that socket.
 2015-11-02 13:20:53 -08:00
Kyle Isom
b7956979f4 Merge pull request #99 from ejcx/evan/ro-98 
Return error when attempting to delegate to non-existant user
 2015-10-29 15:06:17 -07:00
evan
846ac3f6c4 Return error when attempting to delegate to non-existant user to UI and API 2015-10-29 14:20:38 -07:00
jkroll-cf
ca3a0c6b77 Merge pull request #96 from cloudflare/jkroll/multicert 
Merge -multicert/-cert and -multikey/-key into new flags -certs and -keys
 2015-10-15 15:03:26 -07:00
Joshua Kroll
96c07919bb Fix the usage string, example systemd files, and README for breaking flags change. 2015-10-15 12:41:10 -07:00
Joshua Kroll
883ec0d8fb Merge the functionality of multiple keys/certs and single keys/certs into single flags. 
This makes configuration easier, as the same flag is used regardless of how many keys/certs are being provided.
 2015-10-15 10:54:06 -07:00
jkroll-cf
4614f48525 Merge pull request #95 from cloudflare/jkroll/multicert 
Modify Red October to listen with multiple certificates.
 2015-10-14 16:04:47 -07:00
Joshua Kroll
1c9bccbfcc Modify Red October to listen with multiple certificates. 
This allows a single Red October instance to have multiple names,
which is useful for load-balancing across multiple instances (e.g.,
one can have a fleet of instances (ro1, ro2, ...) and also a logical
name (redoctober.example.com) and have working access via both names
thanks to the magic of SNI.
 2015-10-13 21:44:30 -07:00
Nick Sullivan
309f6021e2 Merge pull request #88 from cloudflare/jkroll/listen-systemd 
Add the ability to listen to systemd-provided sockets.
 2015-10-10 15:35:47 -07:00
Nick Sullivan
1b7bc1fb07 Merge pull request #94 from j-delaney/test-passvault 
Add tests for passvault ChangePassword, NumRecords, and GetSummary
 2015-10-10 15:34:31 -07:00
J Delaney
a909e17694 Add tests for passvault ChangePassword, NumRecords, and GetSummary 2015-10-10 14:54:26 -07:00
Nick Sullivan
15600b08ff Merge pull request #92 from j-delaney/create-user-readme 
Update README to explain the UserType option in create-user API
 2015-10-10 12:05:38 -07:00
J Delaney
3eab302f81 Update README to explain what the UserType option is for in the create-user API 2015-10-10 11:32:19 -07:00
Nick Sullivan
a196ecaa99 Merge pull request #89 from wl2002/updating_passvault_test 
MakeRevokeAdmin, DeleteRecord tests
 2015-10-09 13:28:12 -07:00
Nick Sullivan
a580acccda Merge pull request #90 from j-delaney/create-user-api 
Dedicated API endpoint for creating users
 2015-10-09 13:27:50 -07:00
J Delaney
51f74f29e2 Update README to include documentation on create user API 2015-10-09 13:06:32 -07:00
J Delaney
f3c8ec98e6 Add tests for dedicated user creation API 2015-10-09 13:00:45 -07:00
J Delaney
2cb02e33bc Update web interface to use dedicated user creation API 2015-10-09 13:00:33 -07:00
J Delaney
9443fdbf7a Add dedicated API for creating users 2015-10-09 13:00:08 -07:00
William Lewis
1fc30e968e MakeRevokeAdmin, DeleteRecord tests 2015-10-09 12:41:07 -07:00
Joshua Kroll
638a25bbbc Add the ability to listen to systemd-provided sockets. 
Add a new flag, -systemdfds, which causes Red October to expect to be
provisioned on launch with file descriptors for sockets opened by
systemd. This is useful for socket activation, but also allows systemd
to bind privileged ports for us. I've included example systemd
configuration files that successfully start Red October as a service
user without admin rights but bound to 443 in a Jessie VM for me. They
need to be installed where systemd expects them, which on Jessie is
/etc/systemd/system/redoctober.service and
/etc/systemd/system/sockets.target.wants/redoctober.socket.
 2015-10-09 11:24:08 -07:00
Nick Sullivan
69359bf035 Merge pull request #84 from j-delaney/j-delaney/TestValidateName 
Add test for validateName function
 2015-10-09 11:22:14 -07:00
Nick Sullivan
7a90555624 Merge pull request #86 from wl2002/updating_passvault_test 
Adding TestChangePassword to passvault_test.go
 2015-10-09 10:48:57 -07:00
Nick Sullivan
3cf9ac90df Merge pull request #87 from cloudflare/nick/readme 
Fix README
 2015-10-09 10:48:49 -07:00
Nick Sullivan
9ba021c622 Fix README 2015-10-09 10:48:23 -07:00
Nick Sullivan
f1610842d7 Merge pull request #85 from cloudflare/nick/cover 
Add coverage information through cover.io
 2015-10-09 10:39:24 -07:00
William Lewis
83d4792bc9 Adding TestChangePassword to tests 2015-10-09 10:35:53 -07:00
Nick Sullivan
62d79f2503 Add coverage information through cover.io 2015-10-09 10:35:29 -07:00
J Delaney
018b541e20 Add test for validateName function 2015-10-09 10:11:08 -07:00
Kyle Isom
f8ed334437 Merge pull request #83 from cloudflare/zi/fix-response-parsing 
Zi/fix response parsing
 2015-09-28 16:17:25 -07:00
Zi Lin
fa395ea5b7 add a TODO for formatted summary output in ro cli 2015-09-28 15:33:22 -07:00